GitOps for k8s

Dockerfile.flux 2.7KB

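  # Runtime image for the Flux daemon (fluxd): an Alpine base with git/ssh/gnupg
  # tooling, plus kubectl, kubeyaml and the fluxd binary copied in from the
  # build context.
  # NOTE(review): the base image is referenced by tag only. Tags are mutable, so
  # pin it by digest (alpine:3.9@sha256:<DIGEST>) for reproducible builds, and
  # confirm that this Alpine branch still receives security updates.
  FROM alpine:3.9

  WORKDIR /home/flux

  # NOTE(review): apart from the lower bound on git, package versions float with
  # the Alpine repository state at build time.
  RUN apk add --no-cache \
        ca-certificates \
        'git>=2.3.0' \
        gnupg \
        openssh \
        tini

  # Add git hosts to the known hosts file so we can use
  # StrictHostKeyChecking with git+ssh.
  # ssh-keyscan output is unauthenticated: it records whatever keys are served
  # to the build host. The `&&` chain makes the build fail unless
  # verify_known_hosts.sh accepts the collected keys.
  # NOTE(review): presumably the script compares them with known-good
  # fingerprints; confirm against the script itself.
  # COPY instead of ADD: this is a plain local file, so ADD's archive
  # extraction and URL handling are not wanted here.
  COPY ./verify_known_hosts.sh /home/flux/verify_known_hosts.sh
  RUN ssh-keyscan github.com gitlab.com bitbucket.org ssh.dev.azure.com vs-ssh.visualstudio.com >> /etc/ssh/ssh_known_hosts && \
      sh /home/flux/verify_known_hosts.sh /etc/ssh/ssh_known_hosts && \
      rm /home/flux/verify_known_hosts.sh

  # Add default SSH config, which points at the private key we'll mount
  # (the key is supplied at runtime and is not copied into the image here).
  COPY ./ssh_config /etc/ssh/ssh_config

  COPY ./kubectl /usr/local/bin/

  # These are pretty static
  LABEL maintainer="Weaveworks <help@weave.works>" \
        org.opencontainers.image.title="flux" \
        org.opencontainers.image.description="The Flux daemon, for synchronising your cluster with a git repo, and deploying new images" \
        org.opencontainers.image.url="https://github.com/weaveworks/flux" \
        org.opencontainers.image.source="git@github.com:weaveworks/flux" \
        org.opencontainers.image.vendor="Weaveworks" \
        org.label-schema.schema-version="1.0" \
        org.label-schema.name="flux" \
        org.label-schema.description="The Flux daemon, for synchronising your cluster with a git repo, and deploying new images" \
        org.label-schema.url="https://github.com/weaveworks/flux" \
        org.label-schema.vcs-url="git@github.com:weaveworks/flux" \
        org.label-schema.vendor="Weaveworks"

  # tini runs as PID 1 and starts fluxd as its child (exec form, no shell).
  ENTRYPOINT [ "/sbin/tini", "--", "fluxd" ]

  # Get the kubeyaml binary (files) and put them on the path
  # NOTE(review): these files come from a separate image referenced by tag only.
  # Pinning it by digest (quay.io/squaremo/kubeyaml:0.5.2@sha256:<DIGEST>) keeps
  # a re-pushed tag from changing what is copied into this image.
  COPY --from=quay.io/squaremo/kubeyaml:0.5.2 /usr/lib/kubeyaml /usr/lib/kubeyaml/
  ENV PATH=/bin:/usr/bin:/usr/local/bin:/usr/lib/kubeyaml

  # Create minimal nsswitch.conf file to prioritize the usage of /etc/hosts over DNS queries.
  # This resolves the conflict between:
  # * fluxd using netgo for static compilation. netgo reads nsswitch.conf to mimic glibc,
  #   defaulting to prioritize DNS queries over /etc/hosts if nsswitch.conf is missing:
  #   https://github.com/golang/go/issues/22846
  # * Alpine not including a nsswitch.conf file. Since Alpine doesn't use glibc
  #   (it uses musl), maintainers argue that the need of nsswitch.conf is a Go bug:
  #   https://github.com/gliderlabs/docker-alpine/issues/367#issuecomment-354316460
  # The guard uses `||` so the step also succeeds when the file already exists.
  # Written as `[ ! -e FILE ] && echo ...`, the command exits non-zero in that
  # case and the build fails.
  RUN [ -e /etc/nsswitch.conf ] || echo 'hosts: files dns' > /etc/nsswitch.conf

  # NOTE(review): no USER instruction is set, so the container runs as root by
  # default and the kubeconfig lives under /root. Switching to a non-root user
  # would mean relocating this file and re-checking the SSH key path used by
  # ssh_config.
  COPY ./kubeconfig /root/.kube/config

  COPY ./fluxd /usr/local/bin/

  # Declared last so that per-build values only invalidate the final label
  # layer. ARG values are recorded in image history, so these must stay
  # non-secret.
  ARG BUILD_DATE
  ARG VCS_REF

  # These will change for every build
  LABEL org.opencontainers.image.revision="$VCS_REF" \
        org.opencontainers.image.created="$BUILD_DATE" \
        org.label-schema.vcs-ref="$VCS_REF" \
        org.label-schema.build-date="$BUILD_DATE"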